I am a newbie with both openssl & security in general. So excuse me if my questions are naive.
1) I have installed openssl sources. In the certs directory, there are various certificates. I looked at a couple of them - aol1.pem & vsign1.pem. The vsign1.pem starts with subject=/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority notBefore=Jan 29 00:00:00 1996 GMT notAfter=Jan 7 23:59:59 2020 GMT & then BEGIN_CERTIFICATE - the certificate itself & then END_CERTIFICATE. The aol1.pem directly starts with BEGIN_CERTIFICATE - i.e. it doesn't have the subject field & the notBefore/notAfter. Why this difference between aol1.pem & vsign1.pem? 2) I can run the command "openssl x509 -hash -in [pem filename] on either of the pem files & I get a hash (for eg. bda4cc84) for aol1.pem What exactly is being hashed here - is it the part between BEGIN_CERTIFICATE & END_CERTIFICATE? What hashing algorithm in being used? 3) I have firefox installed on my machine. I go to tools -> options -> advanced-> Encryption Tab. Then I click on view certificates. I get the certificate manager dialog with 4 tabs - "Your certs", "other people's certs", "web sites" "authorites". All these 4 tabs have the Import Button. I am able to import aol1.pem etc using the import button on the last 2 tabs, but not the first 2 tabs. Trying to import it using the "Your certs" & "Other people's certs" asks me for the password? Why this difference? i.e. are people's certificates different from authorities & website's certs? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
